Topic: Can Bitcoin Mixer services be trusted? - page 2. (Read 614 times)

Yes, this is a risk. When you deposit coins to any exchange, casino, mixer, etc., then you are giving up custody of them. This is a risk I am willing to accept with ChipMixer due to a number of reasons: Firstly, I am mixing small amounts of coins at a time and not leaving amounts I can't afford to lose in the custody of a mixer, and secondly, they have mixed hundreds of thousands of bitcoin over the years without a single incident of loss or theft.

Coinjoin is another useful tool, but it is neither perfect nor infallible:

Can we just put aside the other worries and address the main problem? I want to believe Sending bitcoin (either Utxo that has been KYC or not) to a mixer is risky because even if you know a little about their protocols,  you don't have the associated private keys to your deposit and you risk losing your money but no one is discussing that which I'm having interest on.
If not for the fact that some Mixers claimed that they usually purge their logs, why trust a mixer that can be threatened just like an exchange? why not go through Coinjoin where you have access to your keys than a mixer that you have to trust about your privacy and custody of funds.

@o_e_l_e_o

I was thinking more of a trustless escrow, such as Bisq's 2-of-2 multi-sig escrow between buyer and seller, rather than just shifting the trust from one party to another. I can't see a way to do this in the current system.

It should do. The whole point of the blinding is that even ChipMixer would not know which certificate is which. They would be unable to log any activity as all they can tell is if a certificate is valid and unspent, but not when it was signed or who has owned it.

Bob can send a voucher to a third party acting as escrow. Escrow checks it, creates a new voucher, and gives it to Alice.

Now this risk is with the escrow:

As far as I understand BBC, that would really be the next large step for privacy.
And it would allow them to advertise on this forum again, right?

So I'm quite interested in exploring this. In order to maintain your privacy from the other party, you would have to exchange vouchers rather than private keys, so I didn't know which UTXOs you ended up spending and vice versa. Given that ChipMixer now allows you to generate vouchers of custom amounts, then it is trivial to create vouchers of matching sizes. However, if I split a voucher of 0.008 BTC off from a larger stack and we swapped vouchers, there would be no point in my combining that 0.008 BTC back in to my larger stack, since that would defeat the entire purpose of the swap.

The risk is that the other party redeems the voucher and then claims that it didn't work, or sends you a fake or already redeemed voucher. I can't see any way around this, since if you wanted to send a hidden voucher or similar to someone else then it would require the cooperation of ChipMixer, which brings us back to square one. So as you say, you could only do this with someone you trust, since I can't see a way to safely escrow or blindly send the vouchers to each other. Unless of course ChipMixer implemented blinded bearer certificates.

Bitcoin mixers can be trusted in a way you trust your friends who know your secrets. It depends on your friends whether they tell your secret to someone else or not but keep in mind that friends can be tortured to reveal your secrets.

Keep in mind that Blockchain analysis and tracking methods are improving daily. You not only need to trust bitcoin mixers but to trust your computer's software/hardware, trust your OS, trust your Browser and then trust your mixer.

There are problems that you should always keep in mind:
1. Mixer will scam you and not send your coins.
2. Mixer is run by authorities.
3. Mixer stores your log and data.
 3.1 - Mixer may sell your data
 3.2 - Mixer may reveal your info/data if they get in trouble with authorities.
4. Mixer website contains viruses.

There are chances that you'll experience at least one problem from the list and there are chances that you won't experience any listed problem. This is the situation where you have to trust their words, it's a risk anyway.

I want to tell you one thing, if everything that you do is legal and you just wanna hide your legal transactions, then you can feel secure by using popular bitcoin mixers. If you do something illegal, which I hope you don't do, then trust nobody or every trust will carry serious potential risks.

Think it's pretty clear by now to OP. You can't trust any mixer to be a good actor because they're all centralised. In the end, like every business, you hope their motivation to conduct business correctly to ensure future income is more than their motivation to run off with your funds or steal your data.

If it's fund security you're worried about, even with alternative type of mixing like CJ where you maintain custody of funds, you have to give up a degree of mixing efficacy (to me).

Really do read the posts suggested by LoyceV (the ChipMixer articles).


I can confirm the same. Was some time ago though, it was legacy address, I checked it as force of habit and saw it had 2 older txs, funded and then swept out I guess. It's not even the first time, I've seen it on other services before, and on some services I've been using for years, never once (Localbitcoins, for example, probably used hundreds in my lifetime, and they're now on bech32, but have never given a recycled address) so I know it's just negligence on the part of services who do.

And ETF, when users make a mistake, though, you don't talk to BitPay. You talk to merchant if you overpay or make a mistake who then refunds you only in fiat (and you can't underpay, Bitpay just would reject the invoice and ask you to get your refund from the merchant).

Happened to me plenty during peak congestion, when it takes too long to confirm (expire) or you use RBF (yeah, who knew) so you're forced to overpay fees in a major way with BP. Sorry, didn't meant to go on a rant.

I've seen it with my own eyes: the address they gave me was funded half a year earlier.
But it was (is?) much worse with the instant exchanger I mentioned: they used a few different deposit address many times per day.

This is issue was discussed some years ago and based on the research was done by reputable members of the forum that there's a chance for flaws when mixing a huge number of BTC like 500 at once through an external mixing service and you're also trusting the external tumbler not to run away with your BTC either.
Having said that, when you mix through Bitcoin tumblers, you're trusting them not to keep logs this is the reason why it is good to use different tumblers when anonymity is a top priority. After you use Bitcoin tumbler, make use of a privacy wallet like Wasabi and no KYC p2p exchange.

---

Does anyone have updated information about the open transactions?

It's not that rear if you think about it.
Yes, and I even know some cases with multiple members of one family are using one bitcoin address, or some company is using only one addresses for accepting payments or donations.
That means that Bitcoin address can be personal used by one human but it's not necessarily, similar like one family is using one IP address in the same home,
or how internet providers have shared IP addresses instead of more expensive static IP addresses, that are usually optional.

I think dkbit98 meant wallet addresses can be paid to by multiple users. Although not recommended, it's not uncommon to ask different people to pay to the same address. I even see it on Bitcointalk for raffles or paying back loans, I've seen Bitpay do it, and I've seen instant exchangers reuse addresses.

And cameras, do not forget about cameras.
For example : if you go to bar/cafeteria to use their free WIFI, the most probably you will be recorded.

I think it's similar to having a gun - it gives you a false sense of security (in this case, anonymity).

Everything:

I've seen some discussions about it. A good place to start might be different ANN threads on the Service Announcements board.  ChipMixer wrote a few articles about Best practices of Bitcoin mixing.

It never was. Bitcoin is pseudo-anonymous at best.

That's not needed. It really depends: you probably wouldn't mind paying for your coffee from an address linked to the address you use to pay for your lunch. But it's not wise to let your local barista know you own $100M in Bitcoin, and you may not want to pay for sexual services from the address you received your Christmas bonus on.

Anything can be said. Ok. I understood. So, by default, need to be prepared for the worst: that information about you is stored and can be transferred to third parties.


As far as I know, it's not enough to use tor with default settings, but that's another topic for discussion.
In our country, to connect to public WiFi, need to specify a phone number. Well, you understand how hidden it can be and someone already wrote above that public WiFi is not the best idea.

Can you briefly say for overall development what information can be obtained using Cloudflare?

Can you talk a little more about this? Or in what topic it is possible to find out?

I touched not so much on the technical aspects of privacy, but more on information of a general nature.

Ok. Has this topic already been discussed on the forum, where I can fill the gap in my knowledge?

If at the beginning of the birth of crypto industry mixing services there was no, in view of the fact that the bitcoin network was considered anonymous, now everything is going to the fact that not a single transaction will be carried out without mixing services. New times - new needs.

All they can get is your bitcoin address use for sending them coins with all past transactions, and IP address you used for connection on their website.
You can easily mitigate that and hide your real IP address with using Tor browser that is recommended anyway or with alternative paid vpn service.

All this information is probably stored for some time on their servers, but good mixers will delete this data periodically.
My assumption is that some mixers could be operated by government organizations in same way like they run Tor nodes, so they will probably going to save all your activity.
You can use mixers multiple times making it very hard for anyone to read complete history for your transactions.

I already answered this, and there is no need to ask the same question twice.

There is no ''personal'' information collected by mixers, it's just IP address and your wallet address, both of this can be used my multiple humans if they are shared.
You are again asking same question multiple times, and I said yo can use Tor browser or vpn, with good address management.

Even if you are using the reputed mixing services you should be extra cautious to look for the legit one's as the fake copies are also around the net with same UI to make you fool for which newbies fall.

The popular mixing service of Chipmixer is used by many to avoid the orginal tracing of address but some fake websites are always ready to scam you of your funds like this recent one so take care of it.

Use Tor Browser. But if you're willing to use terminal with Tor/VPN with some trial and error, you can make POST request so the mixer have no information about your browser/OS.


Under the hood, usually it's more complex than "Your Address 1 - Mixer Address - Your Address 2". But the weakness heavily depends on how mixer mix user coin and user behavior. You might want to check Breaking Mixing Services.

It's hard to discuss privacy of mixers if you don't know how it works, or haven't at least tried it. Different mixers work in different ways.

I'll add a bit to what has been said already: you could get a voucher from ChipMixer, and exchange that with someone else (obviously someone you trust). If you do that, there's not a single entity on the planet who could know all the information linking your incoming and outgoing transactions.

Yes, when privacy is the top priority you can't trust anyone, and thats people are advised to you 2 or more mixing services but there are some Bitcoin mixers that have been operating for years with no problem. The information the Bitcoin mixer gets is the wallet address used and IP address.

Yes, you're correct but there are some mixers that operated in p2p while there are some that provide you with a chip that is already funded before you mix your coin, and what they provide you is the chip that's equal to the amount of BTC want to receive with the private keys to the wallet that contain the Chips.

You have already answered this question yourself but the last time I checked most Bitcoin mixers use Tor and what you need is to know how to use it. So, the IP address and user location shouldn't be a problem.

If the Bitcoin mixer uses Cloudflare they have enough information about their user saved. However, they didn't save any of their customer data theres information the hacker that access their website will get.

Every mixer has its own rules, regulations, and mode of operation. You just have to use those that have a good record and require minimum data.

Never mixer huge BTC, always use Tor, and make sure you use 3 direct mixing methods (decentralized mixing should be included).

If you want to use a mixing service, you will need a reputed one that you can trust, if you do not trust any, then do not use any mixer.

After having less privacy (in a way the public can trace your addresses on blockchain) like your bitcoin addresses are connected together (maybe) during transaction and some other reasons, this would be available for the public as the blockchain is transparent. This is one of the reasons someone can decide to use a mixer, even if the addresses are known to the mixer, the public will not know the owner of the old address is the owner of the new address which is the function of a mixer.

Public WiFi is not secure, anonymity in this regard would be better with Tor.